Jump to content

Recommended Posts

Hi, I'll try and keep this brief but it really is a case of searching for needle in a haystack... I've just started working for a UK charity whose main activity is supported by a massive website. Stacks of information sheets, 3 distinct forums (each about the size of Freaks here), numerous blogs, events pages, webinars etc. etc. Essentially, it is an on-line free community that serves the needs of a very sizeable percentage of man and womankind. Like many charities it relies on gratis contributions from those with time or money to spare. I don't have either, but I do believe in what they are doing. The problem is that that the site itself has grown or rather mutated to become a huge data repository, built from a number of contributors with different skills sets and ways of doing things. At the back of it lurks a CMS which staff (a limited number) use to update site content. 95% of the site is in PHP, with a host of other ingredients thrown into the pot (Tiny-MCE, Perl, Ajax, Fancybox, html5, flash, blah and blah). The problem is in the CMS when someone tries to enter a date beyond 2014 there is no option to do so - -.i.e. that's as far as the dropdown goes. I can see the problem but can't find the offending script/files. Anywhere. Here's a snippet from the viewable source for those with keener eyesight:

<form action="index.php?content=data_universal_new&table=events" method="post" ENCTYPE="multipart/form-data" >
<input type="hidden" name="change" value="">
<table summary="" border="0">
<tr>
<td valign="top">Title</td>
<td><input type="text" name="titlex" size="30" maxlength="256" value=""></td>
</tr> <tr>
<td valign="top">Microsite</td>
<td>
<select name="micrositex">
<option value="INF UK" > INF UK</option>
<option value="MTL" > MTL</option>
<option value="ACE BABES" > ACE BABES</option>
</select>
</td>



</tr> <tr>
<td valign="top">Short description</td>
<td><textarea name="short_descriptionx" cols="40" rows="5" ></textarea></td>
</tr> <tr>
<td valign="top">Thumbnail</td>
<td>
<input type="file" name="graphic[thumbnailx]"> <input type="checkbox" name="deletepic[thumbnail]" value="yes"> Delete?
</td>
</tr> <tr>
<td valign="top">Main page</td>
<td>
<div id="tm"><textarea id="elm1" name="main_pagex" style=" height: 400px;width:460px;" class="mceEditor"></textarea></div>
<p>
<script type="text/javascript">


function toggleEditor(id) {
if (!tinyMCE.getInstanceById(id))
tinyMCE.execCommand('mceAddControl', false, id);
else
tinyMCE.execCommand('mceRemoveControl', false, id);
}
</script>
<div><a href="javascript:toggleEditor('elm1');">[Add/Remove editor]</a></div>
<a href="upload.php" title="Upload Documents" class="iframe">Upload Documents</a>
<span class="tooltip" title="Click here to start the document uploader,The documents will be available to link to in the link list drop-down">
<img src="../images/help.png" border="0" width="15" height="15" alt="" align="top" >
</span>
</p>
</td>
</tr> <tr>
<td valign="top">Date</td>
<td>
<select name="date[4]">
<option >1</option>
<option >2</option>
<option >3</option>
<option >4</option>
<option >5</option>
<option >6</option>
<option >7</option>
<option >8</option>
<option >9</option>
<option >10</option>
<option >11</option>
<option >12</option>
<option >13</option>
<option >14</option>
<option >15</option>
<option >16</option>
<option >17</option>
<option >18</option>
<option >19</option>
<option >20</option>
<option >21</option>
<option >22</option>
<option >23</option>
<option >24</option>
<option selected>25</option>
<option >26</option>
<option >27</option>
<option >28</option>
<option >29</option>
<option >30</option>
<option >31</option>
</select>
<select name="date[3]">
<option value="1" >Jan</option>
<option value="2" >Feb</option>
<option value="3" >Mar</option>
<option value="4" >Apr</option>
<option value="5" >May</option>
<option value="6" >Jun</option>
<option value="7" >Jul</option>
<option value="8" >Aug</option>
<option value="9" >Sep</option>
<option value="10" >Oct</option>
<option value="11" selected>Nov</option>
<option value="12" >Dec</option>
</select>
<select name="date[5]">
<option value="2002" >2002</option>
<option value="2003" >2003</option>
<option value="2004" >2004</option>
<option value="2005" >2005</option>
<option value="2006" >2006</option>
<option value="2007" >2007</option>
<option value="2008" >2008</option>
<option value="2009" >2009</option>
<option value="2010" >2010</option>
<option value="2011" >2011</option>
<option value="2012" >2012</option>
<option value="2013" >2013</option>
<option value="2014" selected >2014</option>
</select>
</td></tr> <tr>
<td> </td>
<td><input type="submit" value="Submit"></td>
</tr>
</table>
</form>
</div>
 
 
<div id="man_div">
<p><a href="index.php?content=data_universal_new&add=yes&table=events">Add event</a></p>

Hmm. Any thoughts would be greatly appreciated.

Edited by Ch0cu3r

 

 

I can see the problem but can't find the offending script/files.

Nor can we without seeing the PHP code

 

You need to find the PHP code that is generating the HTML for the year dropmenu here

<select name="date[5]">
<option value="2002" >2002</option>
<option value="2003" >2003</option>
<option value="2004" >2004</option>
<option value="2005" >2005</option>
<option value="2006" >2006</option>
<option value="2007" >2007</option>
<option value="2008" >2008</option>
<option value="2009" >2009</option>
<option value="2010" >2010</option>
<option value="2011" >2011</option>
<option value="2012" >2012</option>
<option value="2013" >2013</option>
<option value="2014" selected >2014</option>
</select>

It is hard to tell you exactly what to look for in the code. There are to many possibilities to list. The only thing I can suggest is to look for calls to date incombination with a for loop etc.

Point taken, like I said it's a haystack. Here's the events.php and datax.php.

 

Events

<?
if (isset ($item)){
$query = "select * from events where id='$item' ";
$result= mysql_db_query("$db", $query);
while ($r= mysql_fetch_array($result)) {
//$flag=$r["flag"];
?>
<h2><? echo $r["title"]?></h2>
<? if ($r['thumbnail']!=''){?>
<img class="thumbnail" src="/img/<? echo $r['id'];?>/events/thumbnail/200" alt="">
<? }?>
<p class="storyDate"><strong><? echo date ( "d M Y",$r["date"])?></strong></p>
<? echo $r["main_page"]?>




<? 
}
}
else{ 
echo '<h1></h1>';
echo $body;
$nowx=$now-86400;
$query = "select * from events where `microsite`='$microsite' and `date`>$nowx order by `date` asc "; 
$result= mysql_query($query);
while ($r= mysql_fetch_array($result)) {
?>
<a href="<? echo $_SERVER['REQUEST_URI']?>/<? echo $r['id'];?>/<? echo $r['title'];?>" class="news"> 
<div class="news-single">
<? if ($r['thumbnail']!=''){?>
<img class="thumbnail" src="/img_crop/<? echo $r['id'];?>/events/thumbnail/50/50/1:1" width="50" height="50" alt="">
<? }?>
<h3><strong><? echo $r['title'];?> </strong></h3>
<p class="news_date"><? echo date ("j M y",$r['date']);?></p>
<p><? echo $r['short_description'];?>...</p>
</div>
</a>
<? 
}
}
?>

-------------------------------------------------------------------------------------------------------------------------------------------------

 

Datax

<div id="con_div"><? 
//config
 
$table='news';
$order=' timestamp desc';
 
 
 
//workings
//File uploads for graphics and docs
if (count($_FILES)!=0){
foreach($_FILES["graphic"]["name"] as $key=>$val){
//echo $key;
if ($_FILES["graphic"]["name"][$key]!=''){
$graphic_name=$_FILES["graphic"]["name"][$key]; 
$dest=$root.'/pics/'.$graphic_name;
//echo $dest;
copy($_FILES["graphic"]["tmp_name"][$key], $dest);
} 
} 
}

// get the structure
$query = "DESCRIBE $table";
$result= mysql_db_query("$db", $query);
while ($r= mysql_fetch_array($result)) {
//create the ket type array
$keytype[$r[Field]]=$r[Type]; 
}
//delete resource
if (isset ($delete_resource)){
$query = "delete from $table where id='$delete_resource' ";
$result= mysql_db_query("$db", $query);
}
// if we are inserting
if (isset ($change) && $change==''){
$unixtime=mktime( 0, 0, 0, $timestamp[3], $timestamp[4], $timestamp[5]);
$_POST["timestamp"]=$unixtime;
echo '<pre>';
print_r($_POST);
print_r($_GET);
print_r($_FILES);
echo '</pre>'; 
// roll through the POST variables
foreach($_POST as $key=>$val){
//@@@@@@@@@@@@@||
// needs to be variable ||
//@@@@@@@@@@@@@||
if($key=='timestamp') {
// check whether it is empty
if ($_FILES["graphic"]["name"]["thumbnail"]!=''){
$xxx=$_FILES["graphic"]["name"]["thumbnail"];
$construct.=' `thumbnail`, ';
$inserts.=", '$xxx' "; 
}
}
// bit of a clean up
if($key=='change') continue;
if($key=='deletepic') continue;
//implode the variable if it is an array
if(is_array($val)) {
$val = implode (",", $val);
}

$_POST[$key]=addslashes($val); 
$key_name = rtrim($key, "x");
$construct.=' `'.$key_name.'`, ';
$inserts.=", '".addslashes($val)."' "; 

} 

// end of the POST construct 

// take off the end comma 
$construct = rtrim($construct, ", "); 
// The query
$query = "INSERT INTO `$table` ( `id`, $construct)
VALUES (
'NULL' $inserts
)";
$result= mysql_db_query("$db", $query);
// 
echo $query;
$edit=mysql_insert_id(); 
$path='/';
}
 
//This is the update
if (isset ($change) && $change!=''){
$unixtime=mktime( 0, 0, 0, $timestamp[3], $timestamp[4], $timestamp[5]);
$_POST["timestamp"]=$unixtime;
 
//@@@@@@@@@@@@@||
// needs to be variable ||
//@@@@@@@@@@@@@||
 
foreach($_POST as $key=>$val){
if($key=='timestamp') {
// check whether it is empty
if ($_FILES["graphic"]["name"]["thumbnail"]!=''){
$xxx=$_FILES["graphic"]["name"]["thumbnail"];
$changes.=" thumbnail = '$xxx', "; 
}
if ($deletepic["thumbnail"]=='yes'){
$changes.=" `thumbnail` = '', "; 
}
}
// bit of a clean up
if($key=='change') continue;
if($key=='deletepic') continue;
if(is_array($val)) {
$val = implode (",", $val);
}
$_POST[$key]=addslashes($val); 
$key_name = rtrim($key, "x");
$val=addslashes($val);
$changes.=" $key_name = '$val', "; 
} 
$changes = rtrim($changes, ", ");
 
$query = "UPDATE `$table` SET 
$changes
WHERE `id` ='$change' ";
//echo $query;
$result= mysql_db_query("$db", $query);
}
 
// for the new
if ($add=='yes' || isset ($edit)){
if ( isset ($edit)){
$get='&edit='.$edit;
$coursesx=array();
$query = "select * from $table where id='$edit' ";
// echo $query;
$result= mysql_db_query("$db", $query);
while ($r= mysql_fetch_array($result)) {
foreach($r as $key=>$val)
{
if ($val!=''){ 
$resourcex[$key]=$val;
}
}

}

}
else{
$resourcex["flag"]=$flag;
}
/*print_r($resourcex);
echo $resourcex["buy_link"];*/
?>
<form action="index.php?content=<? echo $content?><? echo $get?>" method="post" ENCTYPE="multipart/form-data" >
<input type="hidden" name="change" value="<? echo $resourcex["id"]?>">
<table summary="" border="0">
<? 
/* echo '<pre>';
print_r($resourcex);
echo '</pre>'; */

$count=3;
foreach ($keytype as $key=>$val)
{
if ($key=='id') continue;
if (in_array($key, $skip_array)) {?>
<input type="hidden" name="<? echo $key?>x" value="<? echo $resourcex[$key]?>">
<? }
else{
?>
<tr>
<? if ($trans_table[$key]!='x'){?>
<td valign="top"><? if (array_key_exists($key, $trans_table)){echo $trans_table[$key];} else { $keyx= str_replace("_", " ", $key); echo ucfirst($keyx);}?></td>
<? }?>
<? if(ereg("^int",$val) && $key!='timestamp' ){?>
<td><input type="text" name="<? echo $key?>x" size="10" maxlength="256" value="<? echo $resourcex[$key]?>"></td>
<? }?>
<? if(ereg("^float",$val) && $key!='image'){?>
<td><input type="text" name="<? echo $key?>x" size="10" maxlength="256" value="<? echo $resourcex[$key]?>"></td>
<? }?>
<? if(ereg("^varchar",$val) && $key!='thumbnail' && $key!='second_picture' && $key!='county' ){?>
<td><input type="text" name="<? echo $key?>x" size="30" maxlength="256" value='<? echo $resourcex[$key]?>'></td>
<? }?>
<? if(ereg("^text",$val)){?>
<? if(ereg("^text",$val) && $key=='overview'){?>
<td><textarea name="<? echo $key?>x" cols="30" rows="5" class="mceEditor" id="elm3" style=" height: 250px;width: 340px;"><? echo $resourcex[$key]?></textarea></td>
<? } elseif(ereg("^text",$val) && $key=='findings'){?> 
<td><textarea name="<? echo $key?>x" cols="30" rows="5" class="mceEditor" id="elm2" style=" height: 250px;width: 340px;"><? echo $resourcex[$key]?></textarea></td>
<? } elseif(ereg("^text",$val) && $key=='main_page'){?> 
<td colspan="2"><textarea name="<? echo $key?>x" cols="30" rows="5" class="mceEditor" id="elm1" style=" height: 250px;width: 560px;"><? echo $resourcex[$key]?></textarea>
<p>
<a href="upload.php" title="Upload Documents" class="iframe">Upload Documents</a>
<span class="tooltip" title="Click here to start the document uploader,The documents will be available to link to in the link list drop-down">
<img src="../images/help.png" border="0" width="15" height="15" alt="" align="top" >
</span>
</p>
</td>
<? }else{?>
<td><textarea name="<? echo $key?>x" cols="30" rows="5" ><? echo $resourcex[$key]?></textarea></td>
<? }?>
<? }?>
<? if(ereg("^set",$val)){
$val = rtrim($val, "')");
$val= ltrim($val, "set('");
$option_array=explode("','", $val );
$content_array=explode(",", $resourcex[$key]);
?>
<td>

<? foreach ($option_array as $keyy=>$valy){?>
<input type="checkbox" name="<? echo $key?>x[]" value="<? echo $valy?>" <? if (in_array($valy,$content_array)){echo ' checked';}?>> <? echo $valy?><br>
<? }?>
<input type="hidden" name="<? echo $key?>x[]" value=""> 
</td>
<? }?>
<? if(ereg("^enum",$val)){
$val = rtrim($val, "')");
$val= ltrim($val, "enum('");
$option_array=explode("','", $val );
?>
<td>
<select name="<? echo $key?>x">
<? foreach ($option_array as $keyy=>$valy){?>
<option value="<? echo $valy?>" <? if ($resourcex[$key]==$valy){echo ' selected';}?>> <? echo $valy?></option>
<? }?>
</select>
</td>
<? }?>
<? if(ereg("bigint",$val)){?>
<td><? 
if (isset ($resourcex[$key])){
$now=$resourcex[$key];}
//echo $now;
date_drop4($key, $now)?>
</td>
<? }?>
<? if(ereg("254",$val ) && $key=='thumbnail' ){?>
<td>
<? if ($resourcex[$key]!=''){?><img src="/scale_img.php?pic=<? echo $resourcex[$key]?>&max=100&folder=pics" alt="" border="0"><br><? }?>

<input type="file" name="graphic[<? echo $key?>]"> <input type="checkbox" name="deletepic[<? echo $key?>]" value="yes"> Delete?
</td>
<? }?>
<? 
$inc_name=$content.'_inc.php';
include ($inc_name);?>
</tr>
<? }}?>
<tr>
<td> </td>
<td><input type="submit" value="Publish"></td>
</tr>
</table>
</form>
<? }?>
</div>
<div id="man_div">
<h3><? echo $words?>s</h3>
 
 
<p><img src="../images/new.png" border="0" width="16" height="16" alt="" align="absmiddle"> <a href="index.php?content=<? echo $content?>&add=yes"><b>Add <? echo $words?></b></a></p>
<table summary="" border="0" width="250">
<? 
$limit_number=25;
if ($temp_access==-1){
$query = "select * from $table where flag='$flag' order by $order";
}
else{
$query = "select * from $table where flag='$flag' and `microsite`=$temp_access order by $order";
}
show_page_numbers_admin($query,$pstart,$limit_number, $content, $include, "", ""); 
$query = add_limit($query,$pstart,$limit_number); 
$result= mysql_db_query("$db", $query);
while ($r= mysql_fetch_array($result)) {
?>
<tr>
<td style="border-bottom: 1px solid;"><? echo $r["title"]?></td>
<td style="border-bottom: 1px solid;" width="20"><a href="index.php?content=<? echo $content?>&edit=<? echo $r["id"]?>"><img src="../images/edit.png" width="16" height="16" alt="" border="0"></a></td>
<td style="border-bottom: 1px solid;" width="20"><a href="index.php?content=<? echo $content?>&delete_resource=<? echo $r["id"]?>" > <img src="../images/kill.png" width="16" height="16" alt="" border="0"></a></td>
</tr>

<? }
?>
</table>
</div>
Edited by mac_gyver
code tags around posted code please

Umm... It looks like the year is defined as an enum in your news table (Which is stupid IMO). Can you post the output of this

printf('<pre>%s</pre>', print_r($keytype, 1));

Add it after these lines in datax.php

while ($r= mysql_fetch_array($result)) {
//create the ket type array
$keytype[$r[Field]]=$r[Type]; 
}

In actual fact all the code in datax.php is no good really. If that is the code to one file I would hazard a guess and deem the entire CMS will need to be re-coded.

Edited by Ch0cu3r
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.